Cybersecurity News
WhatsApp updates privacy policy to enable sharing more data with Facebook
Many users have until February 8 to accept the new rules – or else lose access to the app
The post WhatsApp updates privacy policy to enable sharing more data with Facebook appeared first on WeLiveSecurity
07 January 2021
New Year, New Ransomware: Babuk Locker Targets Large Corporations
Despite being a mostly run-of-the-mill ransomware strain, Babuk Locker's encryption mechanisms and abuse of Windows Restart Manager sets it apart.
07 January 2021
Cobalt Strike and Metasploit accounted for a quarter of all malware C&C servers in 2020
Security firm Recorded Future said it tracked more than 10,000 malware command and control servers last year, used across more than 80 malware families.07 January 2021
The 3 Most Common Types of BEC Attacks (And What You Can Do About Them)
Always be skeptical and double check credentials.07 January 2021
Facebook’s Mandatory Data-Sharing Rules for WhatsApp Spark Ire
The messaging platform will update its privacy platform on Feb. 8 to integrate further with its parent company, prompting users to cry foul over privacy issues.
07 January 2021
Former VP with an ax to grind hacks company, disrupts PPE supply, earns jail term
The sabotage of electronic records led to delays in shipping critical PPE during the COVID-19 pandemic.07 January 2021
Disgruntled former VP hacks company, disrupts PPE supply, earns jail term
The sabotage of electronic records led to delays in shipping critical PPE during the COVID-19 pandemic.07 January 2021
North Korean hackers launch RokRat Trojan in campaigns against the South
A VBA self decoding technique is being used to hide the malware on impacted systems.07 January 2021
JetBrains denies being the origin point of the SolarWinds hack
JetBrains denies confusing reports from the New York Times and Wall Street Journal portraying it as the origin point of the SolarWinds hack, which was later used to attack thousands of companies worldwide.06 January 2021
JetBrains denies being involved in SolarWinds hack
JetBrains denies reports that is being under investigation and somehow related to the SolarWinds breach.06 January 2021
Healthcare Organizations Bear the Brunt of Cyberattacks Amid Pandemic
In the past two months alone, attacks against the sector soared 45% - more than double the rate of other sectors, Check Point says.06 January 2021
NSA Urges SysAdmins to Replace Obsolete TLS Protocols
The NSA released new guidance providing system administrators with the tools to update outdated TLS protocols.
06 January 2021
Nissan Source Code Leaked via Misconfigured Git Server
Leaked information includes source code of Nissan mobile apps, diagnostics tool, and market research tools and data, among other assets.06 January 2021
It’s Not the Trump Sex Tape, It’s a RAT
Criminals are using the end of the Trump presidency to deliver a new remote-access trojan (RAT) variant disguised as a sex video of the outgoing POTUS, researchers report.
06 January 2021
DoJ's Microsoft 365 Email Accounts Compromised in SolarWinds Attacks
Three percent of email accounts were breached, the Department of Justice reports.06 January 2021
Feds Issue Recommendations for Maritime Cybersecurity
Report outlines deep cybersecurity challenges for the public/private seagoing sector.
06 January 2021
Friction Affliction: How to Balance Security With User Experience
There's a fine line between protecting against suspicious, malicious, or unwanted activity and making users jump through hoops to prove themselves.
06 January 2021
SolarWinds fallout: DOJ says hackers accessed its Microsoft O365 email server
The US Department of Justice is one of the rare SolarWinds victims where hackers escalated the hack to a second phase and moved to access internal email inboxes, the agency said today.06 January 2021
Request for Comments: SPoC Unsupported Operating Systems Annex
From 6 January 2021 to 4 February 2021, PCI SSC stakeholders can participate in a Request for Comments (RFC) on the new SPoC Unsupported Operating Systems Annex draft.
06 January 2021
Cybercriminals Ramp Up Exploits Against Serious Zyxel Flaw
More than 100,000 Zyxel networking products could be vulnerable to a hardcoded credential vulnerability (CVE-2020-29583) potentially allowing cybercriminal device takeover.
06 January 2021